Privacy Policy

Effective: April 26, 2026 · Last updated: April 28, 2026

Çeyizim ("the app") respects your privacy. This document explains what data we collect, why we process it, and what rights you have, in line with Apple's App Privacy requirements, the EU GDPR, and Turkey's KVKK (Law No. 6698 on the Protection of Personal Data).

1. Data Controller

The app is published by Osman Seven (individual developer).

• Contact: osman.seven97@icloud.com
• Bundle ID: com.osmanseven.ceyizim

2. Data We Collect

The app is designed to work without an account. The following data is processed only when you sign up or use family sharing:

Account information

• Email address (via Sign in with Apple; if you use Hide My Email, this may be an Apple relay address)
• Optional display name

User content

• Trousseau list: item names, categories, statuses, prices (if entered), notes
• Photos you upload (compressed, under 1 MB)
• Family member invites and role assignments

Purchase information

• Premium subscription state and plan type (via RevenueCat)
• Payment data is processed by Apple; we never see your card information.

Usage and diagnostics

• Anonymous event data (which screens were visited, which actions were taken) via PostHog EU
• Crash reports
• No advertising tracking. We do not collect IDFA.

3. Why We Process Data

• App functionality: List sync, family sharing, photo storage, subscription management.
• Security: Abuse detection, account verification.
• Product improvement: Anonymous usage analytics to understand which features work.
• Legal obligations: Billing records (via Apple).

4. Third-Party Services

• Firebase (Google LLC): Authentication, Firestore (database), Storage (photos), Cloud Messaging (notifications). Firebase Privacy
• RevenueCat: Subscription management, anonymous device ID. RevenueCat Privacy
• PostHog (EU Cloud): Anonymous product analytics. Data hosted in the EU. Autocapture and session replay are explicitly disabled. PostHog Privacy
• Apple: App Store purchases, Sign in with Apple, push notification service.

5. Data Retention

• While account is active: data is kept in sync.
• On account deletion request: cloud data deleted within 30 days; full backup purge within 90 days.
• Anonymous analytics: auto-deleted after 12 months.
• Billing records: per Apple's retention policy.

6. Your Rights (GDPR / KVKK)

You have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Request data portability (export)
• Object to processing
• Withdraw consent at any time
• Lodge a complaint with a supervisory authority (in TR: KVKK Kurumu; in EU: your national DPA)

To exercise these rights, email osman.seven97@icloud.com. We respond within 30 days.

7. Children

The app is rated 4+ but the target audience is 18+. We do not knowingly collect data from children under 13. If you believe a child has provided data, please contact us.

8. Data Security

• All traffic encrypted via HTTPS/TLS.
• Local database (SwiftData) protected by iOS Data Protection.
• Firebase Storage and Firestore access guarded by role-based Security Rules.

9. International Transfers

Firebase Storage photos are stored in a European regional bucket; Firebase and Apple services may still process technical data on infrastructure outside Turkey. PostHog data is stored in the European Union (Frankfurt). Cross-border transfers rely on Standard Contractual Clauses and KVKK Article 9 safeguards.

10. Policy Updates

We may update this policy from time to time. For significant changes, we will notify you via in-app notification or email. The effective date is updated on every revision.

11. Contact

Questions, requests, complaints: osman.seven97@icloud.com